Описание
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues:
Changes in MozillaThunderbird:
-
Mozilla Thunderbird 140.8.1 ESR
- Add mail.openpgp.load_untested_gpgme_version to load untested GPGME version
-
Mozilla Thunderbird 140.8.0 ESR MFSA 2026-17 (boo#1258568)
- CVE-2026-2757 (bmo#2001637) Incorrect boundary conditions in the WebRTC: Audio/Video component
- CVE-2026-2758 (bmo#2009608) Use-after-free in the JavaScript: GC component
- CVE-2026-2759 (bmo#2010933) Incorrect boundary conditions in the Graphics: ImageLib component
- CVE-2026-2760 (bmo#2011062) Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component
- CVE-2026-2761 (bmo#2011063) Sandbox escape in the Graphics: WebRender component
- CVE-2026-2762 (bmo#2011649) Integer overflow in the JavaScript: Standard Library component
- CVE-2026-2763 (bmo#2012018) Use-after-free in the JavaScript Engine component
- CVE-2026-2764 (bmo#2012608) JIT miscompilation, use-after-free in the JavaScript Engine: JIT component
- CVE-2026-2765 (bmo#2013562) Use-after-free in the JavaScript Engine component
- CVE-2026-2766 (bmo#2013583) Use-after-free in the JavaScript Engine: JIT component
- CVE-2026-2767 (bmo#2013741) Use-after-free in the JavaScript: WebAssembly component
- CVE-2026-2768 (bmo#2014101) Sandbox escape in the Storage: IndexedDB component
- CVE-2026-2769 (bmo#2014550) Use-after-free in the Storage: IndexedDB component
- CVE-2026-2770 (bmo#2014585) Use-after-free in the DOM: Bindings (WebIDL) component
- CVE-2026-2771 (bmo#2014593) Undefined behavior in the DOM: Core & HTML component
- CVE-2026-2772 (bmo#2014827) Use-after-free in the Audio/Video: Playback component
- CVE-2026-2773 (bmo#2014832) Incorrect boundary conditions in the Web Audio component
- CVE-2026-2774 (bmo#2014883) Integer overflow in the Audio/Video component
- CVE-2026-2775 (bmo#2015199) Mitigation bypass in the DOM: HTML Parser component
- CVE-2026-2776 (bmo#2015266) Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software
- CVE-2026-2777 (bmo#2015305) Privilege escalation in the Messaging System component
- CVE-2026-2778 (bmo#2016358) Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component
- CVE-2026-2779 (bmo#1164141) Incorrect boundary conditions in the Networking: JAR component
- CVE-2026-2780 (bmo#2007829) Privilege escalation in the Netmonitor component
- CVE-2026-2781 (bmo#2009552) Integer overflow in the Libraries component in NSS
- CVE-2026-2782 (bmo#2010743) Privilege escalation in the Netmonitor component
- CVE-2026-2783 (bmo#2010943) Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component
- CVE-2026-2784 (bmo#2012984) Mitigation bypass in the DOM: Security component
- CVE-2026-2785 (bmo#2013549) Invalid pointer in the JavaScript Engine component
- CVE-2026-2786 (bmo#2013612) Use-after-free in the JavaScript Engine component
- CVE-2026-2787 (bmo#2014560) Use-after-free in the DOM: Window and Location component
- CVE-2026-2788 (bmo#2014824) Incorrect boundary conditions in the Audio/Video: GMP component
- CVE-2026-2789 (bmo#2015179) Use-after-free in the Graphics: ImageLib component
- CVE-2026-2790 (bmo#2008426) Same-origin policy bypass in the Networking: JAR component
- CVE-2026-2791 (bmo#2015220) Mitigation bypass in the Networking: Cache component
- CVE-2026-2792 (bmo#2008912, bmo#2010050, bmo#2010275, bmo#2012331) Memory safety bugs fixed in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148
- CVE-2026-2793 (bmo#2015196, bmo#2016423, bmo#2016498) Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148
-
Mozilla Thunderbird 140.7.2 ESR MFSA 2026-11 (boo#1258231)
- CVE-2026-2447 (bmo#2014390) Heap buffer overflow in libvpx
-
Mozilla Thunderbird 140.7.1 ESR MFSA 2026-08 (bsc#1257397)
- CVE-2026-0818 (bmo#1881530) CSS-based exfiltration of the content from partially encrypted emails when allowing remote content
-
Support using system GnuPG with gpgme 2, boo#1253718
-
Mozilla Thunderbird 140.7.0 ESR MFSA 2026-05 (bsc#1256340)
- CVE-2026-0877 (bmo#1999257) Mitigation bypass in the DOM: Security component
- CVE-2026-0878 (bmo#2003989) Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component
- CVE-2026-0879 (bmo#2004602) Sandbox escape due to incorrect boundary conditions in the Graphics component
- CVE-2026-0880 (bmo#2005014) Sandbox escape due to integer overflow in the Graphics component
- CVE-2026-0882 (bmo#1924125) Use-after-free in the IPC component
- CVE-2025-14327 (bmo#1970743) Spoofing issue in the Downloads Panel component
- CVE-2026-0883 (bmo#1989340) Information disclosure in the Networking component
- CVE-2026-0884 (bmo#2003588) Use-after-free in the JavaScript Engine component
- CVE-2026-0885 (bmo#2003607) Use-after-free in the JavaScript: GC component
- CVE-2026-0886 (bmo#2005658) Incorrect boundary conditions in the Graphics component
- CVE-2026-0887 (bmo#2006500) Clickjacking issue, information disclosure in the PDF Viewer component
- CVE-2026-0890 (bmo#2005081) Spoofing issue in the DOM: Copy & Paste and Drag & Drop component
- CVE-2026-0891 (bmo#1964722, bmo#2000981, bmo#2003100, bmo#2003278) Memory safety bugs fixed in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147
Список пакетов
openSUSE Leap 16.0
Ссылки
- SUSE Security Ratings
- SUSE Bug 1253718
- SUSE Bug 1256340
- SUSE Bug 1257397
- SUSE Bug 1258231
- SUSE Bug 1258568
- SUSE CVE CVE-2025-14327 page
- SUSE CVE CVE-2026-0818 page
- SUSE CVE CVE-2026-0877 page
- SUSE CVE CVE-2026-0878 page
- SUSE CVE CVE-2026-0879 page
- SUSE CVE CVE-2026-0880 page
- SUSE CVE CVE-2026-0882 page
- SUSE CVE CVE-2026-0883 page
- SUSE CVE CVE-2026-0884 page
- SUSE CVE CVE-2026-0885 page
- SUSE CVE CVE-2026-0886 page
- SUSE CVE CVE-2026-0887 page
- SUSE CVE CVE-2026-0890 page
- SUSE CVE CVE-2026-0891 page
Описание
Spoofing issue in the Downloads Panel component. This vulnerability affects Firefox < 146, Thunderbird < 146, Firefox ESR < 140.7, and Thunderbird < 140.7.
Затронутые продукты
Ссылки
- CVE-2025-14327
- SUSE Bug 1254551
Описание
When a user explicitly requested Thunderbird to decrypt an inline OpenPGP message that was embedded in a text section of an email that was formatted and styled with HTML and CSS, then the decrypted contents were rendered in a context in which the CSS styles from the outer messages were active. If the user had additionally allowed loading of the remote content referenced by the outer email message, and the email was crafted by the sender using a combination of CSS rules and fonts and animations, then it was possible to extract the secret contents of the email. This vulnerability affects Thunderbird < 147.0.1 and Thunderbird < 140.7.1.
Затронутые продукты
Ссылки
- CVE-2026-0818
- SUSE Bug 1257397
Описание
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
Затронутые продукты
Ссылки
- CVE-2026-0877
- SUSE Bug 1256340
Описание
Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
Затронутые продукты
Ссылки
- CVE-2026-0878
- SUSE Bug 1256340
Описание
Sandbox escape due to incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
Затронутые продукты
Ссылки
- CVE-2026-0879
- SUSE Bug 1256340
Описание
Sandbox escape due to integer overflow in the Graphics component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
Затронутые продукты
Ссылки
- CVE-2026-0880
- SUSE Bug 1256340
Описание
Use-after-free in the IPC component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
Затронутые продукты
Ссылки
- CVE-2026-0882
- SUSE Bug 1256340
Описание
Information disclosure in the Networking component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
Затронутые продукты
Ссылки
- CVE-2026-0883
- SUSE Bug 1256340
Описание
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
Затронутые продукты
Ссылки
- CVE-2026-0884
- SUSE Bug 1256340
Описание
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
Затронутые продукты
Ссылки
- CVE-2026-0885
- SUSE Bug 1256340
Описание
Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
Затронутые продукты
Ссылки
- CVE-2026-0886
- SUSE Bug 1256340
Описание
Clickjacking issue, information disclosure in the PDF Viewer component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
Затронутые продукты
Ссылки
- CVE-2026-0887
- SUSE Bug 1256340
Описание
Spoofing issue in the DOM: Copy & Paste and Drag & Drop component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
Затронутые продукты
Ссылки
- CVE-2026-0890
- SUSE Bug 1256340
Описание
Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.
Затронутые продукты
Ссылки
- CVE-2026-0891
- SUSE Bug 1256340
Описание
Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, Firefox ESR < 140.7.1, Firefox ESR < 115.32.1, Thunderbird < 140.7.2, and Thunderbird < 147.0.2.
Затронутые продукты
Ссылки
- CVE-2026-2447
- SUSE Bug 1258388
Описание
Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2757
- SUSE Bug 1258568
Описание
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2758
- SUSE Bug 1258568
Описание
Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2759
- SUSE Bug 1258568
Описание
Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2760
- SUSE Bug 1258568
Описание
Sandbox escape in the Graphics: WebRender component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2761
- SUSE Bug 1258568
Описание
Integer overflow in the JavaScript: Standard Library component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2762
- SUSE Bug 1258568
Описание
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2763
- SUSE Bug 1258568
Описание
JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2764
- SUSE Bug 1258568
Описание
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2765
- SUSE Bug 1258568
Описание
Use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2766
- SUSE Bug 1258568
Описание
Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2767
- SUSE Bug 1258568
Описание
Sandbox escape in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2768
- SUSE Bug 1258568
Описание
Use-after-free in the Storage: IndexedDB component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2769
- SUSE Bug 1258568
Описание
Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2770
- SUSE Bug 1258568
Описание
Undefined behavior in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2771
- SUSE Bug 1258568
Описание
Use-after-free in the Audio/Video: Playback component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2772
- SUSE Bug 1258568
Описание
Incorrect boundary conditions in the Web Audio component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2773
- SUSE Bug 1258568
Описание
Integer overflow in the Audio/Video component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2774
- SUSE Bug 1258568
Описание
Mitigation bypass in the DOM: HTML Parser component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2775
- SUSE Bug 1258568
Описание
Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2776
- SUSE Bug 1258568
Описание
Privilege escalation in the Messaging System component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2777
- SUSE Bug 1258568
Описание
Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2778
- SUSE Bug 1258568
Описание
Incorrect boundary conditions in the Networking: JAR component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2779
- SUSE Bug 1258568
Описание
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2780
- SUSE Bug 1258568
Описание
Integer overflow in the Libraries component in NSS. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2781
- SUSE Bug 1258568
Описание
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2782
- SUSE Bug 1258568
Описание
Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2783
- SUSE Bug 1258568
Описание
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2784
- SUSE Bug 1258568
Описание
Invalid pointer in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2785
- SUSE Bug 1258568
Описание
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2786
- SUSE Bug 1258568
Описание
Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2787
- SUSE Bug 1258568
Описание
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2788
- SUSE Bug 1258568
Описание
Use-after-free in the Graphics: ImageLib component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2789
- SUSE Bug 1258568
Описание
Same-origin policy bypass in the Networking: JAR component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2790
- SUSE Bug 1258568
Описание
Mitigation bypass in the Networking: Cache component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2791
- SUSE Bug 1258568
Описание
Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2792
- SUSE Bug 1258568
Описание
Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
Затронутые продукты
Ссылки
- CVE-2026-2793
- SUSE Bug 1258568